review-cleanup:
  timeout: 15min
  extends:
    - .default-retry
    - .review:rules:review-cleanup
  image: ${REVIEW_APPS_IMAGE}
  stage: prepare
  needs: []
  environment:
    name: review/regular-cleanup
    action: access
  variables:
    GIT_DEPTH: 1
  before_script:
    - source scripts/utils.sh
    - !reference [".use-kube-context", before_script]
    - install_gitlab_gem
    - setup_gcloud
  script:
    - scripts/review_apps/automated_cleanup.rb --dry-run="${DRY_RUN:-false}" || (scripts/slack review-apps-monitoring "☠️ \`${CI_JOB_NAME}\` failed! ☠️ See ${CI_JOB_URL} - <https://gitlab.com/gitlab-org/quality/engineering-productivity/team/-/blob/main/runbooks/review-apps.md#review-cleanup-job-failed|📗 RUNBOOK 📕>" warning "GitLab Bot" && exit 1);

review-stop:
  extends:
    - review-cleanup
    - .review:rules:review-stop
  environment:
    name: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE}  # No separator for SCHEDULE_TYPE so it's compatible as before and looks nice without it
    action: stop
  resource_group: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE}  # CI_ENVIRONMENT_SLUG is not available here and we want this to be the same as the environment
  before_script:
    - source ./scripts/utils.sh
    - source ./scripts/review_apps/review-apps.sh
    - !reference [".use-kube-context", before_script]
  script:
    - retry delete_helm_release

.base-review-checks:
  extends:
    - .default-retry
  image: ${REVIEW_APPS_IMAGE}
  stage: prepare
  before_script:
    - source scripts/utils.sh
    - setup_gcloud
    - !reference [".use-kube-context", before_script]

review-k8s-resources-count-checks:
  extends:
    - .base-review-checks
    - .review:rules:review-k8s-resources-count-checks
  needs:
    - job: review-cleanup
      optional: true
  environment:
    name: review/k8s-resources-count-checks
    action: verify
  script:
    - scripts/review_apps/k8s-resources-count-checks.sh || (scripts/slack review-apps-monitoring "☠️ \`${CI_JOB_NAME}\` failed! ☠️ See ${CI_JOB_URL} - <https://gitlab.com/gitlab-org/quality/engineering-productivity/team/-/blob/main/runbooks/review-apps.md#review-k8s-resources-count-checks-job-failed|📗 RUNBOOK 📕>" warning "GitLab Bot" && exit 1);

review-gcp-quotas-checks:
  extends:
    - .base-review-checks
    - .review:rules:review-gcp-quotas-checks
  needs: []
  environment:
    name: review/gcp-quotas-checks
    action: verify
  script:
    - ruby scripts/review_apps/gcp-quotas-checks.rb || (scripts/slack review-apps-monitoring "☠️ \`${CI_JOB_NAME}\` failed! ☠️ See ${CI_JOB_URL} - <https://gitlab.com/gitlab-org/quality/engineering-productivity/team/-/blob/main/runbooks/review-apps.md#review-gcp-quotas-checks-job-failed|📗 RUNBOOK 📕>" warning "GitLab Bot" && exit 1);

start-review-app-pipeline:
  extends:
    - .review:rules:start-review-app-pipeline
  resource_group: review/${CI_COMMIT_REF_SLUG}${SCHEDULE_TYPE}  # CI_ENVIRONMENT_SLUG is not available here and we want this to be the same as the environment
  stage: review
  needs:
    - job: e2e-test-pipeline-generate
    - job: build-assets-image
      artifacts: false
  # We do not want to have ALL global variables passed as trigger variables,
  # as they cannot be overridden. See this issue for more context:
  #
  # https://gitlab.com/gitlab-org/gitlab/-/issues/387183
  inherit:
    variables:
      - CHROME_VERSION
      - REGISTRY_GROUP
      - REGISTRY_HOST
      - REVIEW_APPS_DOMAIN
      - REVIEW_APPS_GCP_PROJECT
      - REVIEW_APPS_GCP_REGION
      - REVIEW_APPS_IMAGE
      - RUBY_VERSION
      - DEBIAN_VERSION

  # These variables are set in the pipeline schedules.
  # They need to be explicitly passed on to the child pipeline.
  # https://docs.gitlab.com/ee/ci/pipelines/multi_project_pipelines.html#pass-cicd-variables-to-a-downstream-pipeline-by-using-the-variables-keyword
  variables:
    # This is needed by `review-build-cng-env` (`.gitlab/ci/review-apps/main.gitlab-ci.yml`).
    PARENT_PIPELINE_ID: $CI_PIPELINE_ID
    SCHEDULE_TYPE: $SCHEDULE_TYPE
    DAST_RUN: $DAST_RUN
    SKIP_MESSAGE: Skipping review-app due to mr containing only quarantine changes!
    QA_RUN_TYPE: e2e-review-qa
  trigger:
    strategy: depend
    include:
      - artifact: review-app-pipeline.yml
        job: e2e-test-pipeline-generate

include:
  - remote: 'https://gitlab.com/gitlab-org/quality/pipeline-common/-/raw/6.4.0/ci/danger-review.yml'

danger-review:
  extends:
    - .default-retry
    - .ruby-node-cache
    - .review:rules:danger
  image: "${DEFAULT_CI_IMAGE}"
  before_script:
    - source scripts/utils.sh
    - bundle_install_script "--with danger"
    - yarn_install_script

danger-review-local:
  extends: danger-review
  before_script:
    - !reference ["danger-review", "before_script"]
    # We unset DANGER_GITLAB_API_TOKEN so that Danger will run as local from `danger-review:script`
    - unset DANGER_GITLAB_API_TOKEN
